Featured Slideshow

In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison and was ordered to pay a little more than $890,000 in restitution and fines, according to reports.

Featured Spotlight

For the security industry, the tide is shifting. Executives and boards are recognizing future ROI benefits in beefing up security when alerted to the potential of a three to five percent sales decline following a data breach.

Early last week, it was discovered that more than 50 apps offered in Google's official Android Market were infected with malware, known as “DroidDream,” that is capable of gaining root access to a device, harvesting data and installing additional malicious code.

Google has since removed all the malicious apps from its app store and is issuing a security update to affected devices – called “Android Market Security Tool March 2011” – that will remove the exploits and prevent attackers from accessing any more information, the search giant said in a blog post Saturday from Android security lead Rich Cannings.

Approximately 260,000 Android devices had one or more malicious apps
installed, according to reports. A Google spokesman would not publicly provide a number.

But while Google's tool effectively eradicates the malware, it does not fix the underlying vulnerabilities that the malicious apps took advantage of, Cluley said.

The apps exploited known vulnerabilities, which have been fixed in Android 2.2.2 (Froyo) and higher, Google said. Those running older Android versions, such as 1.5 (Cupcake), 1.6 (Donut) and 2.0/2.1 (Éclair), may still be vulnerable to similar attacks, Cluley said.

“It is up to individual carriers and smartphone vendors to make sure that the patch is rolled out to users running older versions of Android,” he said. “There are so many devices running so many different flavors of Android, ensuring that all of them are kept up-to-date with security patches becomes a very serious problem.”

Google said it is working with its partners to provide a fix for the underlying security flaws. In the meantime, the company has suspended the developer accounts of those who posted the malicious apps and is contact with law enforcement.

Also, the search giant is adding additional, unspecified safeguards to prevent other malicious apps from being distributed in the Android Market.

Google said it believes the attackers were only able to gather certain device-specific information, including IMEI/IMSI numbers, unique codes that are used to identify mobile devices, and the version of Android running on the device.

“[But] given the nature of the exploits, the attacker(s) could access other data, which is why we've taken a number of steps to protect those who downloaded a malicious application,” Google's Cannings wrote.

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.